The code would not be signed by Linus; you do not know his private key. If I as ...

		rpearl on Sept 1, 2011 \| parent \| context \| favorite \| on: Kernel.org has been hacked (see site news) The code would not be signed by Linus; you do not know his private key. If I as a developer then pull and verify signatures, I would note that commit was unsigned and expect the commit to be compromised.

But you cannot sign commits in git, only tags, right?